An
Email with the Subject "Notification from Billing Department !" was
received in one of Scamdex's honeypot email accounts on Fri, 29 Jun 2007 07:58:14 -0700
and has been classified as a Generic Scam Email.
The sender shows as "PayPal"<security@paypal.com>.
The email address was probably spoofed. Do not reply to or contact any persons or organizations referenced in
this email, or follow any URLs as you may expose yourself to scammers and, at the very least, you will be
added to their email address lists for spam purposes.
This a (redacted) view of the raw email headers of this scam email.
Personally Identifiable Information (PII) has been suppressed, but can be
supplied as received to appropriate investigating or law enforcement agencies on request.
EEEEEstdClass Object
(
[return-path:] =>
[envelope-to:] => employment-scams@scamdex.com
[delivery-date:] => Fri, 29 Jun 2007 07:58:14 -0700
[received:] => Array
(
[0] => from [213.25.46.2] (helo=Wietrzyk.wie.okay.pl)by bartok.o7e.net with esmtps (TLSv1:AES256-SHA:256)(Exim 4.63)(envelope-from )id 1I4HvJ-0007Kp-Ljfor employment-scams@scamdex.com; Fri, 29 Jun 2007 07:58:14 -0700
[1] => from User (mail.cosmosmarine.com [83.235.55.10])(authenticated bits=0)by Wietrzyk.wie.okay.pl (8.12.8/8.12.8) with ESMTP id l5TD9pDc017291;Fri, 29 Jun 2007 15:10:00 +0200
)
[x-uid:] => <200706291310.l5TD9pDc017291@Wietrzyk.wie.okay.pl>
[from:] => "PayPal"
[subject:] => Notification from Billing Department !
[date:] => Fri, 29 Jun 2007 17:45:58 +0300
[mime-version:] => 1.0
[content-type:] => text/html;charset="Windows-1251"
[content-transfer-encoding:] => 7bit
[x-priority:] => 3
[x-msmail-priority:] => Normal
[x-mailer:] => Microsoft Outlook Express 6.00.2600.0000
[x-mimeole:] => Produced By Microsoft MimeOLE V6.00.2600.0000
[message-id:] => <200706291310.l5TD9pDc017291@Wietrzyk.wie.okay.pl>
[x-scamdex-scores:] => S:37 P:43 A:40 L:35 E:43 G:34
[x-scamdex-classtype:] => E
[x-scamdex-classscore:] => 43
[x-scamdex-totscore:] => 232
[x-scamdex-kw:] => \%,access,account,activity,contact,employ,ended,inc.,login,notification,paypal,user
[x-scamdex-dir:] => P
[x-scamdex-id:] => P1204769287.M959278P20228V
[x-scamdex-copyright:] => This Email is Copyright Scamdex.com 2009, Reproduction Prohibited
)
Domain Names used for collecting scam email ("Honeypot email accounts") have been obscured and replaced with the token 'HUN1P0T'
Community Action - SPAM/non-Scam Report
Occasionally, incorrectly categorized emails get into the Scamdex Scam Email Database and need to be removed. If this
email has Personally Identifiable Information (PII), or is, in your opinion, from a bona-fide entity, let us know.
Scamdex will, as soon as is practicable, take-down any emails that in our opinion should not
be in our database. Note that ALL emails in the Scamdex Scam Email Database were received as Unsolicited Commercial Email, aka UCE or
SPAM, via unpublished 'Honeypot' email addresses.
As part of our security measures, we regularly screen activity in the
PayPal system.
We recently noticed the following issue on your account:
We have reason to believe that your account was accessed by a third
party.
Because protecting the security of your account is our primary concern,
we
have limited access to sensitive PayPal account features. We understand
that this may be an inconvenience but please understand that this
temporary
limitation is for your protection.
Case ID Number: PP-126-881-143
For your protection, we have limited access to your account until
additional security measures can be completed. We apologize for any
inconvenience this may cause.
To securely confirm your PayPal information please click on the link bellow:
To review your account and some or all of the information that PayPal
used
to make its decision to limit your account access, please visit the
Resolution Center.
If, after reviewing your account information, you
seek
further clarification regarding your account access, please contact
PayPal
by visiting the Help Center and clicking "Contact Us".
We thank you for your prompt attention to this matter. Please
understand
that this is a security measure intended to help protect you and your
account. We apologize for any inconvenience.
Sincerely,
PayPal Account Review Department
PayPal Email ID PP413
Dear Client,
As part of our security measures, we regularly screen activity in the
PayPal system.
We recently noticed the following issue on your account:
We have reason to believe that your account was accessed by a third
party.
Because protecting the security of your account is our primary concern,
we
have limited access to sensitive PayPal account features. We understand
that this may be an inconvenience but please understand that this
temporary
limitation is for your protection.
Case ID Number: PP-126-881-143
For your protection, we have limited access to your account until
additional security measures can be completed. We apologize for any
inconvenience this may cause.
To securely confirm your PayPal information please click on the link bellow:
To review your account and some or all of the information that PayPal
used
to make its decision to limit your account access, please visit the
Resolution Center.
If, after reviewing your account information, you
seek
further clarification regarding your account access, please contact
PayPal
by visiting the Help Center and clicking "Contact Us".
We thank you for your prompt attention to this matter. Please
understand
that this is a security measure intended to help protect you and your
account. We apologize for any inconvenience.
Sincerely,
PayPal Account Review Department
PayPal Email ID PP413
